“Phishing” is the process by which a perpetrator fraudulently attempts to acquire user identifiable and/or sensitive information. such as user names, passwords, credit card numbers, social security numbers, and the like, through an electronic communication, such as an e-mail message. The e-mail message may purport to be from a company or organization with which the recipient has a relationship, and may direct the recipient to reply to the message with the sensitive information or click on an embedded link that takes the recipient to a fake website masquerading as the legitimate website of the organization. There the recipient may be prompted to enter their sensitive information, such as user name, password, etc., which may be recorded and later used by the perpetrator of the phishing scheme to defraud the recipient and/or the organization.
Banks, financial service companies, online transaction or payment processors, online merchants, social media sites, and their customers may be frequent targets of such phishing e-mails. The phishing e-mails may be formatted in such a way that it is difficult for the recipient to determine its authenticity, even upon close inspection. For example, the phishing e-mail may be a copy of a legitimate e-mail message sent by the organization with all of the text, terms, and logos intact. The origin e-mail address of the phishing e-mail may be “spoofed” to hide the actual identity of the sender, and the displayed uniform resource locator (“URL”) for any links embedded in the message may be misrepresented so that the actual target websites are not apparent or discoverable.
Technologies for prevention of origin address spoofing and securing e-mail content, such as Sender Policy Framework (“SPF”), Secure/Multipurpose Internet Mail Extensions (“S/MIME”), and DomainKeys Identified Mail (“DKIM”), may provide some protection against phishing attacks. However, such protection technologies may require support for the associated frameworks and/or protocols in the recipient's e-mail client program and/or the e-mail transport system, and may not be widely implemented. Further, because these types of technologies are “in-band,” i.e. rely on content or data embedded the phishing e-mail itself, these technologies may be vulnerable to similar spoofs and misrepresentations.
It is with respect to these and other considerations that the disclosure made herein is presented.